Project Strobe is making your data more secure in Chrome and Drive
Chrome extensions will now be required to use permissions with access to the least amount of data.
What you need to know
- Chrome extensions will now be required to use permissions with the least amount of data in order to function.
- Third-party apps will now only be able to access specific files in Drive unless they have been approved by Google.
Google has announced some new policies to better protect your data in Chrome and Drive. The new policies come as part of the Project Strobe initiative, which was started to secure users’ data from third-party apps and extensions.
The latest change to come out of Project Strobe has to do with permissions used by extensions found on the Chrome Web Store. While Google has always encouraged developers to use permissions that access as little data as possible to function, it will now become a requirement.
Extensions found violating this policy will be removed from the Chrome Web Store and extensions which are already installed will be disabled. The new policy goes into effect in the Fall of 2019 to give developers time to update their extensions to comply.
These new requirements go into effect in Fall 2019.
Previously, Google implemented similar policies for Gmail and Android. The changes to SMS and Call Log permissions alone resulted in a 98% decrease in apps that have access to sensitive information.
The policy has now expanded to extensions that also handle user-provided content and personal communications. This will help users stay informed about what is happening with the data you do allow extensions to collect.
The new Drive policy is an extension of the same policy Google uses with Gmail when it comes to apps trying to access your data. From now on when a third-party app requests access to Drive, it will be restricted to specific files.
When it comes to apps that require more broad access to Drive, such as backup utilities, it will have to undergo verification from Google to do so.